Responsed Unauthorized 401 in AllowAny permission

[junngo]

Hi there :)
I'd like to know you about this situation and this is just a suggestion.

I happened a similar problem in case #2383
I set AllowAny permission, and DRF returns an Unauthorized 401 response.
The reason is If you call API with Authorization property such as Authorization: Bearer null[0], It return 401.

Regardless of whether there is Authorization property or not, should we consider not causing 401 in AllowAny permission?

[0]

[struckchure]

AllowAny tries to verify the token if it exists, if it doesn't exist, it moves on. Passing a null value would raise a 401 as expected, the way I see it, you just shouldn't pass the token if it's not valid

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.